
Star Health hit by data breach, data of 31 million customers distributed on Telegram



A data breach has exposed sensitive information belonging to over 31 million customers of Star Health & Allied Insurance, one of India's largest health insurers.

The breach, initially reported by UK-based cybersecurity researcher Jason Parker, involves 7.24 terabytes of data related to over 31 million Star Health customers. The breach has been linked to a hacker identified as "xenZen," and the data is being offered for sale, although small portions are available for free via chatbots on the messaging app Telegram.

Some of these chatbots allow users to download policy and claim documents, some in PDF format, while others give access to detailed data such as body mass index and policy numbers. Though Telegram has taken down the chatbots, new ones continue to appear.

The compromised information includes:

  • Names
  • Addresses
  • Contact information (phone numbers)
  • Policy details
  • Claim documents
  • Government ID numbers (e.g., tax details, copies of ID cards)
  • Medical history, including test results and diagnoses

The nature of the attack has not been disclosed.

Star Health has lodged a complaint with local authorities, including the cybercrime department in Tamil Nadu and the federal cyber security agency CERT-In. In an official statement, Star Health claimed its preliminary findings did not show a "widespread compromise" and emphasized that customer privacy is a top priority.

Customers whose data was leaked confirmed the authenticity of the exposed documents, though they had not been notified of the breach by the company.

Update: as of 9th of October, Star Health and Allied Insurance has confirmed a cyberattack that led to the unauthorized access and possible theft of sensitive customer data. This incident follows claims made by a hacker, identified as "xenZen," who alleged that they had obtained and leaked personal information of about 30 million customers, including names, addresses, phone numbers, PAN details, and medical records. The hacker is demanding a ransom of $68,000.

The hacker has accused Star Health's Chief Information Security Officer (CISO), Amarjeet Khanuja, of selling the data and later renegotiating for higher compensation. Chat logs and emails purportedly showing these interactions have been shared online. However, Star Health has denied any evidence of wrongdoing by the CISO following a preliminary investigation.

 
